Will all of the anonymously lobbed U.S. government allegations against Moscow-based security vendor Kaspersky Lab send anti-virus users running for the hills? Don't let it, one security expert says, noting that ditching AV would be a gift to cybercriminals and intelligence agencies alike.
An in-depth look at the DMARC anti-spoofing system - which the U.S. Department of Homeland Security this past week said it will require federal agencies to adopt - leads the latest edition of the ISMG Security Report. Also, continuous monitoring of the insider threat.
CISOs need to anticipate the important questions their CEO is likely to ask as mega-breaches make headlines and data security is in the spotlight. Here, security leaders offer insights on how to answer eight tough questions.
Experts speaking out on how boards of directors and CISOs must do a better job in strengthening board involvement on cybersecurity matters leads the latest edition of the ISMG Security Report. Also, "Catch Me if You Can" impostor Frank Abagnale on the Equifax hack.
Aetna will move from passwords to continuous behavioral authentication next year on its consumer mobile and web applications for better security and end-user experience, says Jim Routh, the health insurer's CISO.
Freedom of Information requests sent to 430 U.K. local government councils by Barracuda Networks found that at least 27 percent of councils have suffered ransomware outbreaks. Thankfully, almost none have paid ransoms, and good backup practices appear widespread.
Given the current threat environment, it's urgent that organizations add technical experts to their boards of directors to help ensure the development of effective cybersecurity strategies, says Art Coviello, retired chairman of RSA.
What advice does the new CISO of fast-food giant McDonald's, who has served as CISO at two other major corporations, have for how to communicate with the board of directors? Tim Youngblood offers insights in this exclusive interview.
In the latest edition of the ISMG Security Report: a look at the former Equifax chief information security officer and whether her lack of academic credentials in IT or IT security is relevant to the massive breach at the credit reporting agency.
Pressure continues to mount on credit reporting bureau Equifax over its massive data breach. In its wake, Equifax announced that its CIO and CSO would "retire" immediately and said that the Apache Struts flaw exploited by attackers was known to the security team.
In the move to a cashless economy in India and elsewhere, improving user authentication is critical, but users are demanding ease of use, says Singapore-based Tom Wills, director at Ontrack Advisory. He describes the roles that biometrics and artificial intelligence will play.
Two Russian hackers, members of a group called "Shaltay-Boltai" - Humpty Dumpty in Russian - that stole and sold high-level Russian officials' emails, have been sentenced to serve three years in prison. The case against them may tie to a high-profile Russian treason investigation.
Cory Mazzola, a cybersecurity leader at Las Vegas Sands Corp., says recruiting security pros amid a talent shortage requires putting aside expectations about degrees and backgrounds. Instead, he says companies need to be willing to develop new skills in their new hires.
Password security guidance: Do block users from picking commonly used passwords. But to avoid a usability nightmare, don't block users from picking any password that's ever been seen in a data breach, security experts advise.